package com.sh.controller;


import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

import com.alibaba.fastjson.JSONObject;
import com.sh.entity.Users;
import com.sh.service.UsersService;

@Controller
public class LoginController {
	@Autowired 
	UsersService usersService;
	
	@RequestMapping("/test")
	public String test() {
		return "forward:/login.html";
	}
	
	
	@RequestMapping("/login")
	@ResponseBody
	public JSONObject login(Users u) throws IncorrectCredentialsException {
		JSONObject jsonobject=new JSONObject();
		Users userForBase=  usersService.getAllByName(u.getUloginName());
		
		UsernamePasswordToken t=null;
		System.out.println("从数据库中获取到用户的数据："+userForBase);
		if(userForBase==null) {//如果用户名为空
			jsonobject.put("success", false);
			jsonobject.put("message", "登录失败,不存在此用户");
			return jsonobject;
		}else {
			/*
			 * if(u.getUpassWord() != userForBase.getUpassWord()) {
			 * System.out.println(u.getUpassWord()+"----------"+userForBase.getUpassWord());
			 * errorCount+=1; jsonobject.put("success", false); String msg;
			 * if(errorCount==5) { msg="密码错误次数上限,账户已锁定<br/>请找回密码或联系管理员重置密码"; }else {
			 * msg="密码错误！你还有"+(5*errorCount-1)+"次机会"; } jsonobject.put("message", msg);
			 * return jsonobject; } else if(userForBase.getUisLockout()==1) {
			 * jsonobject.put("success", false); jsonobject.put("message",
			 * "登录失败！你的账户已锁定<br/>请找管理员解锁"); return jsonobject; }else { errorCount=0; try {
			 * Subject subject=SecurityUtils.getSubject(); t=new
			 * UsernamePasswordToken(userForBase.getUloginName(),
			 * userForBase.getUpassWord()); subject.login(t); } catch
			 * (AuthenticationException e) { e.printStackTrace(); }
			 * catch(AuthorizationException e) { e.printStackTrace(); } }
			 */
			Subject subject=SecurityUtils.getSubject(); 
			t=new UsernamePasswordToken(u.getUloginName(),u.getUpassWord());
			Integer errorCount=0;
            try{
            	//执行登录
                subject.login(t);
                System.out.println("登录成功1");
            }catch (IncorrectCredentialsException e){
            	errorCount= errorCount+1;//密码错误 错误次数+1
            	System.out.println(errorCount);
            	String msg;
            	if(errorCount == 5) {
            		jsonobject.put("message", "密码错误次数上限，账户已被锁定<br/>请找回密码或联系管理员重置密码");
            		 return jsonobject; 
            	}else if(userForBase.getUisLockout()==1) {
            		 jsonobject.put("message", "登录失败！你的账户已锁定<br/>请找管理员解锁"); 
            		 return jsonobject; 
            	}else {
            		msg="密码错误！你还有"+(errorCount-1)+"次机会";
            		jsonobject.put("message", msg);
            	}
                System.out.println("密码不正确");
                jsonobject.put("success", false);
        		
        		return jsonobject;
            }

			
		}
		
		jsonobject.put("success", true);
		jsonobject.put("message", "登陆成功");
		jsonobject.put("token", t);
		jsonobject.put("user", userForBase);
		return jsonobject;
	}
}
